IOC Report

Files

File Path
Type
Category
Malicious
C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\196877ca-4008-426f-9620-c51a08e1a19a.tmp
SysEx File -
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\26accfe8-c330-480e-b176-727ff67bff2a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\3d94159d-2de5-4271-872d-cfe65dfb8327.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\5753111a-95be-41e3-846e-4a6947f3d4d4.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\7065587e-b58a-4cbe-a0a2-9f33a84c5aff.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\0371914e-89f9-41d6-9bd4-94c9e398351f.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\1531d86b-52af-4b12-85e6-6f0931cb5e66.tmp
ASCII text, with very long lines, with no line terminators
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\2fdeebb2-d29b-4d09-ab97-6cb8395b955a.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\754b0277-589a-4bd0-ad17-92ed98b51398.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\763e03c4-456a-4e16-8035-6a4e851da08e.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\AutofillStrikeDatabase\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Session
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_metadata\computed_hashes.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG.olde (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History-journal
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Session1= (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Last Tabsn (copy)
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State.. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network Persistent StateMP (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3032001
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences. (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.t (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences7b (copy)
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old3} (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\36ff7498-57c0-4162-8f81-255fa7703d5a.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Network Persistent State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\gfdkimpbcpahaombhbimeihdjnejgicl\def\Session Storage\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\90c8fb99-4076-4ed9-b276-bc97925b6128.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\GPUCache\data_1
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Network Persistent State28 (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Platform Notifications\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\000003.log
data
modified
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Storage\ext\nmmhkkegccagdldgiimedpiccmgmieda\def\Session Storage\LOG.old/a (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old3. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Visited Links
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\c7ca5c43-f51b-424c-bd1d-48b9b7b6e79c.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000004.dbtmp
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT.. (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.oldf4 (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000004
MPEG-4 LOAS
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e2b329a1-217f-4427-bfc3-db0d42cdac03.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e4085a3c-3140-4b89-9f6d-f21f337d30bb.tmp
UTF-8 Unicode text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\e6ba5b85-f787-4128-a550-bc84fd3ed44c.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\edf3402c-94a0-4a69-9954-24100be6ea14.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Browser
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Last Version
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Local State.. (copy)
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\Module Info Cache (copy)
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\a275f8b2-b6c1-4b1b-b88a-4ff2bb98d2fe.tmp
data
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\a947331b-635e-4ca5-9f53-13efe6014cc7.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\d6c0d196-d241-4270-bc41-5304d0fa45c3.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Google\Chrome\User Data\d6cbaf2f-9dfd-4f70-be94-17d14982c8c7.tmp
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\0ce14cd2-9000-41f0-b786-5246878a4e22.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_1038538240\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_1038538240\download_file_types.pb
data
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_1038538240\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_1038538240\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_2062207503\LICENSE
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_2062207503\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_2062207503\crl-set
data
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_2062207503\manifest.fingerprint
ASCII text, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_2062207503\manifest.json
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_809647533\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_809647533\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o
ELF 64-bit LSB relocatable, x86-64, version 1 (SYSV), not stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_809647533\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_809647533\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a
current ar archive
dropped
clean
C:\Users\user\AppData\Local\Temp\4548_809647533\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_sz_nexe
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, BuildID[sha1]=4b15de4ab227d5e46213978b8518d53c53ce1db9, stripped
dropped
clean
C:\Users\user\AppData\Local\Temp\6ec6d54a-0ae3-40f4-b4eb-68012ade3412.tmp
very short file (no magic)
dropped
clean
C:\Users\user\AppData\Local\Temp\browser-sslkeys.log
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\d8d4a971-ef4e-4d64-a1a0-2cecbd87c3ff.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\ed2ff67a-9a39-4000-ba0e-4f168140f521.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\am\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ar\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\bn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\en\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\fa\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\fil\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\gu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\id\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\iw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\kn\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ml\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\mr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ms\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\nl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\pt\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\sw\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\ta\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\te\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\th\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\tr\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\uk\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\vi\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\zh\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_locales\zh_TW\messages.json
HTML document, ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\angular.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\background_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\cast_sender.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\feedback.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\feedback.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\feedback_script.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\manifest.json
ASCII text, with very long lines, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\material_css_min.css
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\mirroring_cast_streaming.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\mirroring_common.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\mirroring_hangouts.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\CRX_INSTALL\mirroring_webrtc.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_1322047639\d8d4a971-ef4e-4d64-a1a0-2cecbd87c3ff.tmp
Google Chrome extension, version 3
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\bg\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\ca\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\cs\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\da\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\de\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\el\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\en\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\en_GB\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\es\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\es_419\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\et\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\fi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\fil\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\fr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\hi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\hr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\hu\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\id\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\it\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\ja\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\ko\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\lt\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\lv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\nb\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\nl\messages.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\pl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\pt_BR\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\pt_PT\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\ro\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\ru\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\sk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\sl\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\sr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\sv\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\th\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\tr\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\uk\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\vi\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\zh_CN\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_locales\zh_TW\messages.json
UTF-8 Unicode text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\_metadata\verified_contents.json
ASCII text, with very long lines, with no line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\craw_background.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\craw_window.js
ASCII text, with very long lines
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\css\craw_window.css
ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\html\craw_window.html
HTML document, ASCII text
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\flapper.gif
GIF image data, version 89a, 30 x 30
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\icon_128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\icon_16.png
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\topbar_floating_button.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\topbar_floating_button_close.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\topbar_floating_button_hover.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\topbar_floating_button_maximize.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\images\topbar_floating_button_pressed.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\CRX_INSTALL\manifest.json
ASCII text, with CRLF line terminators
dropped
clean
C:\Users\user\AppData\Local\Temp\scoped_dir4548_701165348\ed2ff67a-9a39-4000-ba0e-4f168140f521.tmp
Google Chrome extension, version 3
dropped
clean

Processes

Path
Cmdline
Malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --enable-automation "https://awayras.com/"
clean
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,9404034747266387237,11772033182329980808,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1956 /prefetch:8
clean

URLs

Name
IP
Malicious
https://awayras.com/
malicious
http://waticantide.cf/23101/images/office3651.png
162.0.235.132
malicious
http://waticantide.cf/23101/images/8.jpg
162.0.235.132
malicious
http://waticantide.cf/23101/Share
unknown
malicious
http://waticantide.cf/23101/images/outlook1.pngA
unknown
malicious
http://waticantide.cf/23101/css/hover.css
162.0.235.132
malicious
http://waticantide.cf/23101/#
unknown
malicious
http://waticantide.cf/23101/
malicious
http://waticantide.cf/23101/images/8.jpgT
unknown
malicious
http://waticantide.cf/23101/images/office3651.pngX
unknown
malicious
http://waticantide.cf/23101/images/adobe.jpg
162.0.235.132
malicious
http://waticantide.cf/23101/images/other1.png
162.0.235.132
malicious
http://waticantide.cf/23101/images/outlook1.png
162.0.235.132
malicious
http://waticantide.cf/23101/images/gmail.png
162.0.235.132
malicious
https://awayras.com/
malicious
http://waticantide.cf/23101/
162.0.235.132
malicious
http://waticantide.cf/23101/css/hover.css/
unknown
malicious
https://apis.google.com/js/client.js
unknown
clean
https://code.jquery.com/jquery-3.2.1.slim.min.js
unknown
clean
https://crash.corp.google.com/samples?reportid=&q=
unknown
clean
https://cdn.dorik.com/61a904260a0cee0011ef60e3/css/index.css?v=1638466938790clt&
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
unknown
clean
https://cdn.dorik.com/61a904260a0cee0011ef60e3/css/index.css?v=1638466938790
89.187.169.47
clean
https://preprod-hangouts-googleapis.sandbox.google.com
unknown
clean
https://www.google.com
unknown
clean
https://hangouts.google.com/hangouts/_/logpref
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=UJynxg%2FdaU3hdORGxjp2QN50rQzx2xl7ZfWTqfEachmIIZ4KqOATbG%2F
unknown
clean
https://awayras.com/favicon.ico
174.138.116.26
clean
https://creativecommons.org/publicdomain/zero/1.0/.
unknown
clean
https://awayras.com/
174.138.116.26
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207
clean
https://kit.fontawesome.com/585b051251.js
unknown
clean
https://www.google.com/accounts/OAuthLogin?issueuberauth=1
unknown
clean
https://github.com/madler/zlib/blob/master/zlib.h
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jsy
unknown
clean
https://www.google.com/tools/feedback
unknown
clean
https://dns.google
unknown
clean
https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
unknown
clean
https://support.google.com/chromecast/troubleshooter/2995236
unknown
clean
http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
unknown
clean
https://maxcdn.bootstrapcdn.com/
unknown
clean
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1
142.250.203.110
clean
https://payments.google.com/payments/v4/js/integrator.js
unknown
clean
https://www.google.com;
unknown
clean
http://waticantide.cf/favicon.ico
162.0.235.132
clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
unknown
clean
https://kit.fontawesome.com/
unknown
clean
https://csp.withgoogle.com/csp/hosted-libraries-pushers
unknown
clean
https://www.google.com/images/x2.gif
unknown
clean
https://www.google.com/images/dot2.gif
unknown
clean
https://play.google.com/log?format=json&hasfast=true
unknown
clean
http://tools.ietf.org/html/rfc1950
unknown
clean
http://waticantide.cf/
unknown
clean
https://awayras.com//0
unknown
clean
https://cdn.dorik.com/61a8ec2a0a0cee0011ef607f/61a904260a0cee0011ef60e3/images/5444342e-3766-49a1-a9
unknown
clean
https://docs.google.com
unknown
clean
https://www.google.com/
unknown
clean
https://feedback.googleusercontent.com
unknown
clean
https://clients6.google.com
unknown
clean
https://ka-f.fontawesome.com
unknown
clean
https://www.google.com/images/cleardot.gif
unknown
clean
https://www.google.com/log?format=json&hasfast=true
unknown
clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
unknown
clean
https://sandbox.google.com/payments/v4/js/integrator.js
unknown
clean
https://accounts.google.com/MergeSession
unknown
clean
https://clients2.googleusercontent.com/crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx
142.250.203.97
clean
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251kf
unknown
clean
https://hangouts.clients6.google.com
unknown
clean
https://meet.google.com
unknown
clean
https://accounts.google.com
unknown
clean
https://clients2.google.com/cr/report
unknown
clean
https://awayras.com/t
unknown
clean
https://ka-f.fontawesome.com/
unknown
clean
http://angularjs.org
unknown
clean
https://github.com/angular/material
unknown
clean
https://apis.google.com
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js&
unknown
clean
https://www-googleapis-staging.sandbox.google.com
unknown
clean
https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
unknown
clean
https://clients2.google.com
unknown
clean
http://www.apache.org/licenses/LICENSE-2.0
unknown
clean
https://www.google.com/intl/en-US/chrome/blank.html
unknown
clean
https://ogs.google.com
unknown
clean
https://awayras.com/2:
unknown
clean
https://code.jquery.com/jquery-3.1.1.min.js
unknown
clean
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
172.217.168.45
clean
https://code.jquery.com/
unknown
clean
https://chromium.googlesource.com/a/native_client/pnacl-llvm.git
unknown
clean
https://hangouts.google.com/
unknown
clean
https://a.nel.cloudflare.com/report/v3?s=kb4N5nQyzMot9NaCO1k7GM%2BUsMkN6EHW1qS7HQDgBRdgnXKUhqAe5Ca%2
unknown
clean
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.11.207
clean
http://llvm.org/):
unknown
clean
https://kit.fontawesome.com
unknown
clean
https://meetings.clients6.google.com
unknown
clean
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.16.19.94
clean
https://cdn.dorik.com/61a8ec2a0a0cee0011ef607f/61a904260a0cee0011ef60e3/images/5444342e-3766-49a1-a9ae-3173f7f4d668_hxizn6l3.png
89.187.169.47
clean
https://awayras.com/2
unknown
clean
https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
unknown
clean
https://support.google.com/chromecast/answer/2998456
unknown
clean
https://clients2.googleusercontent.com
unknown
clean
https://code.jquery.com/jquery-3.1.1.min.js&
unknown
clean

Domains

Name
IP
Malicious
gstaticadssl.l.google.com
172.217.168.3
clean
accounts.google.com
172.217.168.45
clean
awayras.com
174.138.116.26
clean
cdnjs.cloudflare.com
104.16.19.94
clean
maxcdn.bootstrapcdn.com
104.18.11.207
clean
waticantide.cf
162.0.235.132
clean
clients.l.google.com
142.250.203.110
clean
dorikcdn.b-cdn.net
89.187.169.47
clean
googlehosted.l.googleusercontent.com
142.250.203.97
clean
clients2.googleusercontent.com
unknown
clean
clients2.google.com
unknown
clean
ka-f.fontawesome.com
unknown
clean
code.jquery.com
unknown
clean
kit.fontawesome.com
unknown
clean
cdn.dorik.com
unknown
clean

IPs

IP
Domain
Country
Malicious
192.168.2.1
unknown
unknown
clean
162.0.235.132
waticantide.cf
Canada
clean
142.250.203.110
clients.l.google.com
United States
clean
89.187.169.47
dorikcdn.b-cdn.net
Czech Republic
clean
104.18.11.207
maxcdn.bootstrapcdn.com
United States
clean
172.217.168.45
accounts.google.com
United States
clean
142.250.203.97
googlehosted.l.googleusercontent.com
United States
clean
239.255.255.250
unknown
Reserved
clean
172.217.168.3
gstaticadssl.l.google.com
United States
clean
174.138.116.26
awayras.com
United States
clean
127.0.0.1
unknown
unknown
clean
104.16.19.94
cdnjs.cloudflare.com
United States
clean

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\LastWasDefault
S-1-5-21-3853321935-2125563209-4053062332-1002
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gdaefkejpgkiemlaofpalmlakkmbjdnl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
clean
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.reporting
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
module_blacklist_cache_md5_digest
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
media.storage_id_salt
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.account_id
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_seed
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
default_search_provider_data.template_url_data
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
safebrowsing.incidents_sent
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
pinned_tabs
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
search_provider_overrides
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
prefs.preference_reset_time
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
google.services.last_username
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
session.restore_on_startup
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
software_reporter.prompt_version
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
homepage_is_newtabpage
clean
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default
browser.show_home_button
clean
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
clean
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
clean

Memdumps

Base Address
Regiontype
Protect
Malicious
clean
7FF58E576000
unkown image
page readonly
clean
7FF58E4DD000
unkown image
page readonly
clean
1A2EC83C000
unkown
page read and write
clean
188FD860000
unkown
page read and write
clean
7FF505424000
unkown image
page readonly
clean
7FF566917000
unkown image
page readonly
clean
7FF50543D000
unkown image
page readonly
clean
C9B857E000
stack
page read and write
clean
7FF56691C000
unkown image
page readonly
clean
7DF5A3EA0000
unkown image
page readonly
clean
7FF510A15000
unkown image
page readonly
clean
22090100000
unkown image
page readonly
clean
288EFE7E000
unkown
page read and write
clean
7FF5ACCD8000
unkown image
page readonly
clean
20346C02000
unkown
page read and write
clean
7FF5C429E000
unkown image
page readonly
clean
7FF5747B8000
unkown image
page readonly
clean
188FD9F0000
unkown
page read and write
clean
7DF51AD40000
unkown image
page readonly
clean
7FF5C661B000
unkown image
page readonly
clean
7FF566541000
unkown image
page readonly
clean
2208FFF0000
unkown image
page readonly
clean
7FF5C4124000
unkown image
page readonly
clean
288EFE2E000
unkown
page read and write
clean
1A2EC700000
unkown image
page readonly
clean
7FF5C427B000
unkown image
page readonly
clean
21F89602000
unkown
page read and write
clean
288EFE85000
unkown
page read and write
clean
7FF505147000
unkown image
page readonly
clean
7FF51095D000
unkown image
page readonly
clean
188FD870000
unkown
page read and write
clean
203463F0000
unkown
page read and write
clean
1A2EC902000
unkown
page read and write
clean
7FF5051FC000
unkown image
page readonly
clean
7FF510B0A000
unkown image
page readonly
clean
1A2EC5D0000
unkown image
page readonly
clean
21F8968A000
unkown
page read and write
clean
7FF58E515000
unkown image
page readonly
clean
7FF5669ED000
unkown image
page readonly
clean
21F8963C000
unkown
page read and write
clean
188F8513000
unkown
page read and write
clean
1DFC9C00000
unkown
page read and write
clean
22090802000
unkown
page read and write
clean
7FF5749F3000
unkown image
page readonly
clean
7FF510AF5000
unkown image
page readonly
clean
188FDD30000
unkown
page read and write
clean
203463F0000
unkown
page read and write
clean
7DF57C302000
unkown image
page readonly
clean
288EFE4F000
unkown
page read and write
clean
7FF5668F2000
unkown image
page readonly
clean
7FF510012000
unkown image
page readonly
clean
7FF5748AD000
unkown image
page readonly
clean
7FF574B0F000
unkown image
page readonly
clean
188FDB14000
unkown
page read and write
clean
7FF510AD8000
unkown image
page readonly
clean
7FF5C63F3000
unkown image
page readonly
clean
188FD890000
unkown
page read and write
clean
188FDAE6000
unkown
page read and write
clean
1D247F000
stack
page read and write
clean
7DF5264C2000
unkown image
page readonly
clean
22090900000
unkown
page read and write
clean
188F8493000
unkown
page read and write
clean
188FDA20000
unkown
page read and write
clean
7FF510689000
unkown image
page readonly
clean
21F8967F000
unkown
page read and write
clean
7FF574AC8000
unkown image
page readonly
clean
7FF5C41A7000
unkown image
page readonly
clean
188FDD20000
unkown
page read and write
clean
188F9320000
unkown image
page readonly
clean
7FF574AFE000
unkown image
page readonly
clean
21F89C50000
unkown image
page readonly
clean
288EFE6C000
unkown
page read and write
clean
7FF574808000
unkown image
page readonly
clean
7FF50543F000
unkown image
page readonly
clean
1D207A000
stack
page read and write
clean
7FF574A1D000
unkown image
page readonly
clean
288F0380000
unkown image
page readonly
clean
7FF5ACCEB000
unkown image
page readonly
clean
1E7C6E67000
unkown
page read and write
clean
21F89AD0000
unkown image
page readonly
clean
7DF58A400000
unkown image
page readonly
clean
7FF5661A6000
unkown image
page readonly
clean
1DFC9C57000
unkown
page read and write
clean
25E2FFF000
stack
page read and write
clean
7FF574A07000
unkown image
page readonly
clean
7FF5AC564000
unkown image
page readonly
clean
7FF5AC87A000
unkown image
page readonly
clean
188FDD50000
unkown
page read and write
clean
5835FFC000
stack
page read and write
clean
7FF5668C7000
unkown image
page readonly
clean
288EFE45000
unkown
page read and write
clean
7FF505358000
unkown image
page readonly
clean
21F89580000
unkown
page read and write
clean
7DF5C2612000
unkown image
page readonly
clean
7DF5A3EB2000
unkown image
page readonly
clean
288EFC90000
unkown image
page read and write
clean
7FF510ACC000
unkown image
page readonly
clean
7FF5ACC38000
unkown image
page readonly
clean
7FF505206000
unkown image
page readonly
clean
188F8456000
unkown
page read and write
clean
288EFE78000
unkown
page read and write
clean
188F9860000
unkown
page read and write
clean
7FF5ACC63000
unkown image
page readonly
clean
7DF57C300000
unkown image
page readonly
clean
188F8479000
unkown
page read and write
clean
1D217B000
stack
page read and write
clean
7FF566717000
unkown image
page readonly
clean
7FF510AED000
unkown image
page readonly
clean
1DFC9C60000
unkown
page read and write
clean
1DFC9ED0000
unkown image
page readonly
clean
7FF5C4215000
unkown image
page readonly
clean
7FF5ACCE6000
unkown image
page readonly
clean
188FD893000
unkown
page read and write
clean
7FF5C655D000
unkown image
page readonly
clean
7FF50536D000
unkown image
page readonly
clean
7DF51AD30000
unkown image
page readonly
clean
203463F0000
unkown
page read and write
clean
288F0460000
unkown
page read and write
clean
288EFE13000
unkown
page read and write
clean
1DFC9B50000
heap default
page read and write
clean
188F8D18000
unkown
page read and write
clean
7FF5665EB000
unkown image
page readonly
clean
1E7C6E41000
unkown
page read and write
clean
188FDA99000
unkown
page read and write
clean
5835E7E000
stack
page read and write
clean
188FDAE0000
unkown
page read and write
clean
7FF5C6443000
unkown image
page readonly
clean
2034645C000
unkown
page read and write
clean
7FF5C6573000
unkown image
page readonly
clean
7DF5264D0000
unkown image
page readonly
clean
288EFE49000
unkown
page read and write
clean
AA6F77C000
stack
page read and write
clean
7FF5ACAB2000
unkown image
page readonly
clean
21F89E02000
unkown
page read and write
clean
7FF5ACD1F000
unkown image
page readonly
clean
7FF5ACB2D000
unkown image
page readonly
clean
1E7C6E5A000
unkown
page read and write
clean
188FDA0E000
unkown
page read and write
clean
1E7C7450000
unkown image
page readonly
clean
AA6F87F000
stack
page read and write
clean
288EFE3D000
unkown
page read and write
clean
7FF510BBF000
unkown image
page readonly
clean
188FDC05000
unkown
page read and write
clean
7FF5665BD000
unkown image
page readonly
clean
7DF4A1D70000
unkown image
page readonly
clean
7DF4882D0000
unkown image
page readonly
clean
7FF5664BF000
unkown image
page readonly
clean
288EFE44000
unkown
page read and write
clean
188FDAE6000
unkown
page read and write
clean
7FF5C4105000
unkown image
page readonly
clean
1DFC9D00000
unkown
page read and write
clean
1A2EC5B0000
unkown image
page read and write
clean
7DF5DBF22000
unkown image
page readonly
clean
21F8964F000
unkown
page read and write
clean
7FF5669C8000
unkown image
page readonly
clean
F26EFE000
stack
page read and write
clean
1D1E7A000
stack
page read and write
clean
7FF5749E0000
unkown image
page readonly
clean
288EFDE0000
unkown image
page readonly
clean
7FF5C647F000
unkown image
page readonly
clean
188FDD10000
unkown
page read and write
clean
7FF566236000
unkown image
page readonly
clean
1A2EC813000
unkown
page read and write
clean
7FF5ACB42000
unkown image
page readonly
clean
7FF5ACC27000
unkown image
page readonly
clean
7FF5C60F3000
unkown image
page readonly
clean
7FF574A3D000
unkown image
page readonly
clean
188F8477000
unkown
page read and write
clean
7FF56658A000
unkown image
page readonly
clean
1E7C6E29000
unkown
page read and write
clean
1E7C6E77000
unkown
page read and write
clean
188F848D000
unkown
page read and write
clean
7DF57C320000
unkown image
page readonly
clean
7DF5D9BB0000
unkown image
page readonly
clean
1A2EC620000
heap default
page read and write
clean
1A2EC847000
unkown
page read and write
clean
20346270000
unkown image
page readonly
clean
7FF566A0D000
unkown image
page readonly
clean
288EFE41000
unkown
page read and write
clean
2034643D000
unkown
page read and write
clean
21F89500000
unkown image
page readonly
clean
7FF50541D000
unkown image
page readonly
clean
81074FE000
stack
page read and write
clean
7FF5ACC85000
unkown image
page readonly
clean
7FF5C653C000
unkown image
page readonly
clean
1DFC9C7D000
unkown
page read and write
clean
7DF5D9BB2000
unkown image
page readonly
clean
22090302000
unkown
page read and write
clean
288EFE7C000
unkown
page read and write
clean
7FF5C5A83000
unkown image
page readonly
clean
F26FF7000
stack
page read and write
clean
288EFE47000
unkown
page read and write
clean
21F89600000
unkown
page read and write
clean
7FF5109D3000
unkown image
page readonly
clean
7FF574A5A000
unkown image
page readonly
clean
7FF58E568000
unkown image
page readonly
clean
21F89530000
unkown image
page readonly
clean
583617C000
stack
page read and write
clean
7FF5666FC000
unkown image
page readonly
clean
7FF58E263000
unkown image
page readonly
clean
25E33FE000
stack
page read and write
clean
7FF5C41DD000
unkown image
page readonly
clean
220901E0000
unkown
page read and write
clean
7DF5264B2000
unkown image
page readonly
clean
288EFF02000
unkown
page read and write
clean
1DFC9B00000
unkown image
page readonly
clean
7FF510AB7000
unkown image
page readonly
clean
188F846F000
unkown
page read and write
clean
7DF47A1D0000
unkown image
page readonly
clean
7DF5264C2000
unkown image
page readonly
clean
7DF58A400000
unkown image
page readonly
clean
288EFE76000
unkown
page read and write
clean
1E7C6DD0000
unkown
page read and write
clean
7FF510A34000
unkown image
page readonly
clean
188F8454000
unkown
page read and write
clean
188F8340000
unkown image
page readonly
clean
7FF510BAE000
unkown image
page readonly
clean
188F83D0000
unkown image
page read and write
clean
1E7C7460000
unkown image
page readonly
clean
2208FFC0000
unkown image
page readonly
clean
7FF5ACC6A000
unkown image
page readonly
clean
188F8A60000
unkown image
page readonly
clean
7FF566703000
unkown image
page readonly
clean
1D1F7E000
stack
page read and write
clean
22090313000
unkown
page read and write
clean
2208FFC0000
unkown image
page readonly
clean
7FF5C41B7000
unkown image
page readonly
clean
7FF566A0F000
unkown image
page readonly
clean
7FF5ACABD000
unkown image
page readonly
clean
1A2EC849000
unkown
page read and write
clean
1A2EC913000
unkown
page read and write
clean
20346413000
unkown
page read and write
clean
288EFE42000
unkown
page read and write
clean
7FF5050CA000
unkown image
page readonly
clean
7FF5C641E000
unkown image
page readonly
clean
1DFC9C8B000
unkown
page read and write
clean
1A2EC86E000
unkown
page read and write
clean
7FF566733000
unkown image
page readonly
clean
1E7C6E7A000
unkown
page read and write
clean
7FF5C3D79000
unkown image
page readonly
clean
7DF5DBF20000
unkown image
page readonly
clean
188FDB00000
unkown
page read and write
clean
188F8D00000
unkown
page read and write
clean
288EFE3A000
unkown
page read and write
clean
7FF5C40C3000
unkown image
page readonly
clean
7FF5053FF000
unkown image
page readonly
clean
7DF51AD42000
unkown image
page readonly
clean
7FF5C40FF000
unkown image
page readonly
clean
7DF58A412000
unkown image
page readonly
clean
7DF5DBF40000
unkown image
page readonly
clean
7FF5C41A3000
unkown image
page readonly
clean
7FF5ACD04000
unkown image
page readonly
clean
7FF5668FC000
unkown image
page readonly
clean
1A2EC86A000
unkown
page read and write
clean
20346502000
unkown
page read and write
clean
2208FFA0000
unkown image
page read and write
clean
188F84FE000
unkown
page read and write
clean
7FF566A0B000
unkown image
page readonly
clean
188FDAB0000
unkown
page read and write
clean
188FD9F0000
unkown
page read and write
clean
7DF57C302000
unkown image
page readonly
clean
1E7C6E13000
unkown
page read and write
clean
7FF5666CF000
unkown image
page readonly
clean
1E7C72D0000
unkown image
page readonly
clean
188FDE80000
unkown
page read and write
clean
288EFE29000
unkown
page read and write
clean
25E2E7E000
stack
page read and write
clean
188F8413000
unkown
page read and write
clean
188F8429000
unkown
page read and write
clean
C9B87FF000
stack
page read and write
clean
1DFCA402000
unkown
page read and write
clean
7FF566584000
unkown image
page readonly
clean
7DF5A3EC0000
unkown image
page readonly
clean
7FF50520F000
unkown image
page readonly
clean
220902C3000
unkown
page read and write
clean
7FF58E4F3000
unkown image
page readonly
clean
1A2EC885000
unkown
page read and write
clean
5CF75FB000
stack
page read and write
clean
188FDD50000
unkown
page read and write
clean
7FF574A75000
unkown image
page readonly
clean
7FF5C6565000
unkown image
page readonly
clean
188F8320000
unkown image
page read and write
clean
7FF58E4C8000
unkown image
page readonly
clean
188FDC00000
unkown
page read and write
clean
7FF510019000
unkown image
page readonly
clean
7DF51AD32000
unkown image
page readonly
clean
7FF50540B000
unkown image
page readonly
clean
7DF5DBF32000
unkown image
page readonly
clean
7FF5667C3000
unkown image
page readonly
clean
1DFC9C71000
unkown
page read and write
clean
21F894F0000
heap private
page read and write
clean
2208FFE0000
unkown image
page readonly
clean
1A2EC5F0000
unkown image
page readonly
clean
22090213000
unkown
page read and write
clean
188FDC01000
unkown
page read and write
clean
288EFE31000
unkown
page read and write
clean
188FDD40000
unkown
page read and write
clean
22090244000
unkown
page read and write
clean
220902CC000
unkown
page read and write
clean
1D22FE000
stack
page read and write
clean
25E2EFE000
stack
page read and write
clean
7FF510B8B000
unkown image
page readonly
clean
8107AFF000
stack
page read and write
clean
7FF5C4294000
unkown image
page readonly
clean
7DF51AD32000
unkown image
page readonly
clean
7FF5669DB000
unkown image
page readonly
clean
7FF5ACBF4000
unkown image
page readonly
clean
7FF58E4FA000
unkown image
page readonly
clean
7FF5C662F000
unkown image
page readonly
clean
7FF5C60F9000
unkown image
page readonly
clean
7DF5C2622000
unkown image
page readonly
clean
1D237E000
stack
page read and write
clean
1A2ECC00000
unkown image
page readonly
clean
1A2EC829000
unkown
page read and write
clean
7FF5668C0000
unkown image
page readonly
clean
7DF4D7A70000
unkown image
page readonly
clean
7FF5666FA000
unkown image
page readonly
clean
7DF57C320000
unkown image
page readonly
clean
7DF58A402000
unkown image
page readonly
clean
7DF51AD42000
unkown image
page readonly
clean
288EFE4E000
unkown
page read and write
clean
7FF5746E4000
unkown image
page readonly
clean
7FF5ACCEE000
unkown image
page readonly
clean
7FF574AFB000
unkown image
page readonly
clean
7FF566760000
unkown image
page readonly
clean
AA6F2FE000
stack
page read and write
clean
7FF5051D2000
unkown image
page readonly
clean
7FF56669A000
unkown image
page readonly
clean
1A2EC84E000
unkown
page read and write
clean
203463C0000
unkown
page read and write
clean
203463A0000
unkown image
page readonly
clean
7FF505406000
unkown image
page readonly
clean
7FF5667C8000
unkown image
page readonly
clean
188FDC34000
unkown
page read and write
clean
7DF418C00000
unkown image
page readonly
clean
1E7C6DA0000
heap default
page read and write
clean
7FF5C65FB000
unkown image
page readonly
clean
7FF50534C000
unkown image
page readonly
clean
22090229000
unkown
page read and write
clean
F270FF000
stack
page read and write
clean
C9B88FE000
stack
page read and write
clean
1E7C6D30000
unkown image
page read and write
clean
7FF5C3D88000
unkown image
page readonly
clean
188F8474000
unkown
page read and write
clean
7FF5C65E8000
unkown image
page readonly
clean
288EFD00000
heap default
page read and write
clean
1A2EC820000
unkown
page read and write
clean
7FF5AC9F8000
unkown image
page readonly
clean
1D267E000
stack
page read and write
clean
7FF574A49000
unkown image
page readonly
clean
7FF5665B3000
unkown image
page readonly
clean
288EFE2D000
unkown
page read and write
clean
AA6F97E000
stack
page read and write
clean
1E7C6E00000
unkown
page read and write
clean
188FDD60000
unkown
page read and write
clean
188F86D0000
unkown image
page readonly
clean
7FF5053A5000
unkown image
page readonly
clean
F271FF000
stack
page read and write
clean
2209026D000
unkown
page read and write
clean
1DFCA250000
unkown image
page readonly
clean
1DFC9C3C000
unkown
page read and write
clean
7FF58E4BC000
unkown image
page readonly
clean
7FF5C41E5000
unkown image
page readonly
clean
188F9360000
unkown image
page read and write
clean
25E29AB000
unkown
page read and write
clean
7FF5ACC0C000
unkown image
page readonly
clean
20346A60000
unkown
page read and write
clean
7FF58E4E9000
unkown image
page readonly
clean
188F8C02000
unkown
page read and write
clean
7FF5C409E000
unkown image
page readonly
clean
7DF58A410000
unkown image
page readonly
clean
188F84BC000
unkown
page read and write
clean
1E7C6D80000
unkown image
page readonly
clean
7DF5D9BA2000
unkown image
page readonly
clean
1D23FF000
stack
page read and write
clean
7FF5ACC55000
unkown image
page readonly
clean
7FF5C6614000
unkown image
page readonly
clean
288EFE65000
unkown
page read and write
clean
7FF5ACC4D000
unkown image
page readonly
clean
7FF566884000
unkown image
page readonly
clean
188F8400000
unkown
page read and write
clean
1E7C6E02000
unkown
page read and write
clean
188F8D59000
unkown
page read and write
clean
1DFC9AE0000
unkown image
page read and write
clean
81079FE000
stack
page read and write
clean
7FF5C6569000
unkown image
page readonly
clean
21F89713000
unkown
page read and write
clean
7FF5C429B000
unkown image
page readonly
clean
5CF79FD000
stack
page read and write
clean
288EFE40000
unkown
page read and write
clean
203462C0000
heap default
page read and write
clean
7DF5DBF20000
unkown image
page readonly
clean
7FF510BBF000
unkown image
page readonly
clean
7FF566731000
unkown image
page readonly
clean
7DF5D9BC0000
unkown image
page readonly
clean
7FF5C6527000
unkown image
page readonly
clean
1DFC9C66000
unkown
page read and write
clean
188FDC20000
unkown
page read and write
clean
288EFE39000
unkown
page read and write
clean
7FF58E57B000
unkown image
page readonly
clean
188FDC20000
unkown
page read and write
clean
7DF5DBF22000
unkown image
page readonly
clean
20346600000
unkown image
page readonly
clean
7FF5C660D000
unkown image
page readonly
clean
7DF5C2610000
unkown image
page readonly
clean
7DF5A3EA0000
unkown image
page readonly
clean
188F9340000
unkown image
page readonly
clean
1A2EC5C0000
heap private
page read and write
clean
188F88D0000
unkown image
page readonly
clean
7FF574B0F000
unkown image
page readonly
clean
188F83C0000
unkown
page read and write
clean
7DF5A3EC0000
unkown image
page readonly
clean
188F9310000
unkown image
page readonly
clean
7DF57C312000
unkown image
page readonly
clean
7FF5ACD1B000
unkown image
page readonly
clean
1DFC9B30000
unkown image
page readonly
clean
7FF5C42AF000
unkown image
page readonly
clean
7FF5669DE000
unkown image
page readonly
clean
7FF5051DD000
unkown image
page readonly
clean
188FDA00000
unkown
page read and write
clean
7FF5C41FA000
unkown image
page readonly
clean
220902BB000
unkown
page read and write
clean
188FDAA7000
unkown
page read and write
clean
7FF58E4A7000
unkown image
page readonly
clean
7FF505383000
unkown image
page readonly
clean
188FDA4C000
unkown
page read and write
clean
7FF5C41E9000
unkown image
page readonly
clean
1A2EC7F0000
unkown
page read and write
clean
7FF5C662F000
unkown image
page readonly
clean
188F8A50000
unkown image
page readonly
clean
188F8330000
heap private
page read and write
clean
21F89629000
unkown
page read and write
clean
7DF5C2612000
unkown image
page readonly
clean
810777B000
stack
page read and write
clean
7DF5264C0000
unkown image
page readonly
clean
810757E000
stack
page read and write
clean
7FF566907000
unkown image
page readonly
clean
7FF58E594000
unkown image
page readonly
clean
7FF50532C000
unkown image
page readonly
clean
1A2EC853000
unkown
page read and write
clean
7FF5C657A000
unkown image
page readonly
clean
188FDE90000
unkown
page read and write
clean
AA6F27B000
unkown
page read and write
clean
5CF7CFF000
stack
page read and write
clean
188F9300000
unkown image
page readonly
clean
7FF5C404D000
unkown image
page readonly
clean
188F8D18000
unkown
page read and write
clean
1E7C6E6D000
unkown
page read and write
clean
288EFE4B000
unkown
page read and write
clean
7DF58A420000
unkown image
page readonly
clean
220902E7000
unkown
page read and write
clean
7DF424380000
unkown image
page readonly
clean
7FF58E56F000
unkown image
page readonly
clean
21F89651000
unkown
page read and write
clean
7FF574AD6000
unkown image
page readonly
clean
7FF5ACB94000
unkown image
page readonly
clean
21F8964B000
unkown
page read and write
clean
7FF566949000
unkown image
page readonly
clean
7FF510BAB000
unkown image
page readonly
clean
21F8964A000
unkown
page read and write
clean
22090932000
unkown
page read and write
clean
7FF5ACD0B000
unkown image
page readonly
clean
7DF5C2630000
unkown image
page readonly
clean
188FDAFC000
unkown
page read and write
clean
7FF574B0D000
unkown image
page readonly
clean
7FF50542E000
unkown image
page readonly
clean
7FF5C3AFA000
unkown image
page readonly
clean
7FF574AED000
unkown image
page readonly
clean
21F89700000
unkown
page read and write
clean
7DF5A3EA2000
unkown image
page readonly
clean
7FF510B78000
unkown image
page readonly
clean
1A2EC908000
unkown
page read and write
clean
7FF566A0F000
unkown image
page readonly
clean
188F8502000
unkown
page read and write
clean
7FF5ACCFD000
unkown image
page readonly
clean
7FF566903000
unkown image
page readonly
clean
7FF566255000
unkown image
page readonly
clean
188FDB02000
unkown
page read and write
clean
7FF5C661E000
unkown image
page readonly
clean
220902E2000
unkown
page read and write
clean
21F898D0000
unkown image
page readonly
clean
188F8340000
unkown image
page readonly
clean
7DF57C312000
unkown image
page readonly
clean
7DF57C310000
unkown image
page readonly
clean
7FF5C62E3000
unkown image
page readonly
clean
81078F7000
stack
page read and write
clean
1DFC9B60000
unkown image
page readonly
clean
21F8964E000
unkown
page read and write
clean
188F8F81000
unkown
page read and write
clean
7FF574A45000
unkown image
page readonly
clean
7FF574ADB000
unkown image
page readonly
clean

DOM / HTML

URL
Malicious
http://waticantide.cf/23101/
malicious
https://awayras.com/
clean